npm - openclaw-node-harness - Versions diffs - 2.1.0 → 2.2.0 - Mend

openclaw-node-harness 2.1.0 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

package/bin/lane-watchdog.js +54 -23
package/bin/mesh-agent.js +49 -18
package/bin/mesh-bridge.js +3 -2
package/bin/mesh-deploy.js +4 -0
package/bin/mesh-health-publisher.js +41 -1
package/bin/mesh-task-daemon.js +14 -4
package/bin/mesh.js +17 -43
package/install.sh +3 -2
package/lib/agent-activity.js +2 -2
package/lib/exec-safety.js +163 -0
package/lib/kanban-io.js +20 -33
package/lib/llm-providers.js +27 -0
package/lib/mcp-knowledge/core.mjs +7 -5
package/lib/mcp-knowledge/server.mjs +8 -1
package/lib/mesh-collab.js +274 -250
package/lib/mesh-harness.js +6 -0
package/lib/mesh-plans.js +84 -45
package/lib/mesh-tasks.js +113 -81
package/lib/nats-resolve.js +4 -4
package/lib/pre-compression-flush.mjs +2 -0
package/lib/session-store.mjs +6 -3
package/mission-control/package-lock.json +4188 -3698
package/mission-control/package.json +2 -2
package/mission-control/src/app/api/diagnostics/route.ts +8 -0
package/mission-control/src/app/api/diagnostics/test-runner/route.ts +8 -0
package/mission-control/src/app/api/memory/graph/route.ts +34 -18
package/mission-control/src/app/api/memory/search/route.ts +9 -5
package/mission-control/src/app/api/mesh/identity/route.ts +13 -5
package/mission-control/src/app/api/mesh/nodes/route.ts +8 -0
package/mission-control/src/app/api/settings/gateway/route.ts +62 -0
package/mission-control/src/app/api/souls/[id]/evolution/route.ts +49 -12
package/mission-control/src/app/api/souls/[id]/prompt/route.ts +7 -1
package/mission-control/src/app/api/souls/[id]/propagate/route.ts +24 -5
package/mission-control/src/app/api/souls/route.ts +6 -4
package/mission-control/src/app/api/tasks/[id]/handoff/route.ts +7 -1
package/mission-control/src/app/api/tasks/[id]/route.ts +20 -4
package/mission-control/src/app/api/tasks/route.ts +68 -9
package/mission-control/src/app/api/workspace/read/route.ts +11 -0
package/mission-control/src/lib/config.ts +11 -2
package/mission-control/src/lib/db/index.ts +16 -1
package/mission-control/src/lib/memory/extract.ts +2 -1
package/mission-control/src/lib/memory/retrieval.ts +3 -2
package/mission-control/src/lib/sync/tasks.ts +4 -1
package/mission-control/src/middleware.ts +82 -0
package/package.json +1 -1
package/services/launchd/ai.openclaw.lane-watchdog.plist +1 -1
package/services/launchd/ai.openclaw.log-rotate.plist +11 -0
package/services/launchd/ai.openclaw.mesh-agent.plist +4 -0
package/services/launchd/ai.openclaw.mesh-deploy-listener.plist +4 -0
package/services/launchd/ai.openclaw.mesh-health-publisher.plist +4 -0
package/services/launchd/ai.openclaw.mission-control.plist +5 -4
package/uninstall.sh +37 -9

package/lib/mesh-harness.js CHANGED Viewed

@@ -22,6 +22,7 @@ const fs = require('fs');
 const path = require('path');
 const { execSync } = require('child_process');
 const { globMatch } = require('./rule-loader');
+const { validateExecCommand } = require('./exec-safety');
 // ── Rule Loading ─────────────────────────────────────
@@ -241,6 +242,11 @@ function preCommitSecretScan(worktreePath) {
 function postCommitValidate(worktreePath, command) {
   if (!worktreePath || !command) return { passed: true, output: '' };
+  const validation = validateExecCommand(command);
+  if (!validation.allowed) {
+    return { passed: false, output: `Validation command blocked: ${validation.reason}` };
+  }
   try {
     const output = execSync(command, {
       cwd: worktreePath, timeout: 10000, encoding: 'utf-8', stdio: 'pipe',

package/lib/mesh-plans.js CHANGED Viewed

@@ -38,6 +38,13 @@ const SUBTASK_STATUS = {
 // ── Delegation Modes ───────────────────────────────
+const PLAN_TRANSITIONS = {
+  approve: new Set(['review', 'draft']),
+  startExecuting: new Set(['approved']),
+  markCompleted: new Set(['executing']),
+  markAborted: new Set(['draft', 'review', 'approved', 'executing']),
+};
 const DELEGATION_MODE = {
   SOLO_MESH: 'solo_mesh',
   COLLAB_MESH: 'collab_mesh',
@@ -127,6 +134,11 @@ function createPlan({
   // Compute wave assignments
   assignWaves(enriched);
+  // Mark cycle-blocked subtasks (wave === -1) so they don't prevent plan completion
+  for (const st of enriched) {
+    if (st.wave === -1 && st.status === 'pending') st.status = 'blocked';
+  }
   const totalBudget = enriched.reduce((sum, st) => sum + st.budget_minutes, 0);
   const maxWave = enriched.reduce((max, st) => Math.max(max, st.wave), 0);
@@ -210,6 +222,14 @@ function assignWaves(subtasks) {
     wave++;
     currentWave = nextWave;
   }
+  // Detect cycles: any node with remaining in-degree > 0 is in a cycle
+  for (const [taskId, degree] of inDegree.entries()) {
+    if (degree > 0) {
+      const subtask = idMap.get(taskId);
+      if (subtask) subtask.wave = -1; // blocked by cycle
+    }
+  }
 }
 // ── Delegation Decision Tree ───────────────────────
@@ -351,6 +371,29 @@ class PlanStore {
     return JSON.parse(sc.decode(entry.value));
   }
+  /**
+   * Compare-and-swap helper: read → mutate → write with optimistic concurrency.
+   * Re-reads and retries on conflict (up to maxRetries).
+   * mutateFn receives the parsed data and must return the updated object, or falsy to skip.
+   */
+  async _updateWithCAS(key, mutateFn, maxRetries = 3) {
+    for (let attempt = 0; attempt < maxRetries; attempt++) {
+      const entry = await this.kv.get(key);
+      if (!entry) return null;
+      const data = JSON.parse(sc.decode(entry.value));
+      const updated = mutateFn(data);
+      if (!updated) return null;
+      try {
+        await this.kv.put(key, sc.encode(JSON.stringify(updated)), { previousSeq: entry.revision });
+        return updated;
+      } catch (err) {
+        const isCasConflict = err.code === '10071' || (err.message && err.message.includes('wrong last sequence'));
+        if (!isCasConflict || attempt === maxRetries - 1) throw err;
+        // CAS conflict — retry
+      }
+    }
+  }
   async delete(planId) {
     await this.kv.delete(planId);
   }
@@ -389,69 +432,65 @@ class PlanStore {
   // ── Lifecycle ───────────────────────────────────
   async submitForReview(planId) {
-    const plan = await this.get(planId);
-    if (!plan) return null;
-    plan.status = PLAN_STATUS.REVIEW;
-    await this.put(plan);
-    return plan;
+    return this._updateWithCAS(planId, (plan) => {
+      if (plan.status !== 'draft') return null;
+      plan.status = PLAN_STATUS.REVIEW;
+      return plan;
+    });
   }
   async approve(planId, approvedBy = 'gui') {
-    const plan = await this.get(planId);
-    if (!plan) return null;
-    plan.status = PLAN_STATUS.APPROVED;
-    plan.approved_by = approvedBy;
-    plan.approved_at = new Date().toISOString();
-    await this.put(plan);
-    return plan;
+    return this._updateWithCAS(planId, (plan) => {
+      if (!PLAN_TRANSITIONS.approve.has(plan.status)) return null;
+      plan.status = PLAN_STATUS.APPROVED;
+      plan.approved_by = approvedBy;
+      plan.approved_at = new Date().toISOString();
+      return plan;
+    });
   }
   async startExecuting(planId) {
-    const plan = await this.get(planId);
-    if (!plan) return null;
-    plan.status = PLAN_STATUS.EXECUTING;
-    plan.started_at = new Date().toISOString();
-    await this.put(plan);
-    return plan;
+    return this._updateWithCAS(planId, (plan) => {
+      if (!PLAN_TRANSITIONS.startExecuting.has(plan.status)) return null;
+      plan.status = PLAN_STATUS.EXECUTING;
+      plan.started_at = new Date().toISOString();
+      return plan;
+    });
   }
   async markCompleted(planId) {
-    const plan = await this.get(planId);
-    if (!plan) return null;
-    plan.status = PLAN_STATUS.COMPLETED;
-    plan.completed_at = new Date().toISOString();
-    await this.put(plan);
-    return plan;
+    return this._updateWithCAS(planId, (plan) => {
+      if (!PLAN_TRANSITIONS.markCompleted.has(plan.status)) return null;
+      plan.status = PLAN_STATUS.COMPLETED;
+      plan.completed_at = new Date().toISOString();
+      return plan;
+    });
   }
   async markAborted(planId, reason) {
-    const plan = await this.get(planId);
-    if (!plan) return null;
-    plan.status = PLAN_STATUS.ABORTED;
-    plan.completed_at = new Date().toISOString();
-    // Mark all pending subtasks as blocked
-    for (const st of plan.subtasks) {
-      if (st.status === SUBTASK_STATUS.PENDING || st.status === SUBTASK_STATUS.QUEUED) {
-        st.status = SUBTASK_STATUS.BLOCKED;
-        st.result = { success: false, summary: `Plan aborted: ${reason}` };
+    return this._updateWithCAS(planId, (plan) => {
+      if (!PLAN_TRANSITIONS.markAborted.has(plan.status)) return null;
+      plan.status = PLAN_STATUS.ABORTED;
+      plan.completed_at = new Date().toISOString();
+      for (const st of plan.subtasks) {
+        if (st.status === SUBTASK_STATUS.PENDING || st.status === SUBTASK_STATUS.QUEUED) {
+          st.status = SUBTASK_STATUS.BLOCKED;
+          st.result = { success: false, summary: `Plan aborted: ${reason}` };
+        }
       }
-    }
-    await this.put(plan);
-    return plan;
+      return plan;
+    });
   }
   // ── Subtask Management ──────────────────────────
   async updateSubtask(planId, subtaskId, updates) {
-    const plan = await this.get(planId);
-    if (!plan) return null;
-    const st = plan.subtasks.find(s => s.subtask_id === subtaskId);
-    if (!st) return null;
-    Object.assign(st, updates);
-    await this.put(plan);
-    return plan;
+    return this._updateWithCAS(planId, (plan) => {
+      const st = plan.subtasks.find(s => s.subtask_id === subtaskId);
+      if (!st) return null;
+      Object.assign(st, updates);
+      return plan;
+    });
   }
   /**

package/lib/mesh-tasks.js CHANGED Viewed

@@ -46,6 +46,14 @@ const TASK_STATUS = {
   REJECTED: 'rejected',
 };
+const TERMINAL_STATES = new Set([
+  TASK_STATUS.COMPLETED,
+  TASK_STATUS.FAILED,
+  TASK_STATUS.RELEASED,
+  TASK_STATUS.CANCELLED,
+  TASK_STATUS.REJECTED,
+]);
 /**
  * Create a new task with the enriched schema.
  * Karpathy-inspired fields: budget_minutes, metric, on_fail, scope.
@@ -142,6 +150,29 @@ class TaskStore {
     return JSON.parse(sc.decode(entry.value));
   }
+  /**
+   * Compare-and-swap helper: read → mutate → write with optimistic concurrency.
+   * Re-reads and retries on conflict (up to maxRetries).
+   * mutateFn receives the parsed data and must return the updated object, or falsy to skip.
+   */
+  async _updateWithCAS(key, mutateFn, maxRetries = 3) {
+    for (let attempt = 0; attempt < maxRetries; attempt++) {
+      const entry = await this.kv.get(key);
+      if (!entry) return null;
+      const data = JSON.parse(sc.decode(entry.value));
+      const updated = mutateFn(data);
+      if (!updated) return null;
+      try {
+        await this.kv.put(key, sc.encode(JSON.stringify(updated)), { previousSeq: entry.revision });
+        return updated;
+      } catch (err) {
+        const isCasConflict = err.code === '10071' || (err.message && err.message.includes('wrong last sequence'));
+        if (!isCasConflict || attempt === maxRetries - 1) throw err;
+        // CAS conflict — retry
+      }
+    }
+  }
   async delete(taskId) {
     await this.kv.delete(taskId);
   }
@@ -213,39 +244,42 @@ class TaskStore {
     if (claimable.length === 0) return null;
     const task = claimable[0];
-    task.status = TASK_STATUS.CLAIMED;
-    task.owner = nodeId;
-    task.claimed_at = new Date().toISOString();
-    const budgetMs = (task.budget_minutes || 30) * 60 * 1000;
-    task.budget_deadline = new Date(Date.now() + budgetMs).toISOString();
-    await this.put(task);
-    return task;
+    const result = await this._updateWithCAS(task.task_id, (t) => {
+      // Re-check status under CAS — another node may have claimed it
+      if (t.status !== TASK_STATUS.QUEUED) return null;
+      t.status = TASK_STATUS.CLAIMED;
+      t.owner = nodeId;
+      t.claimed_at = new Date().toISOString();
+      const budgetMs = (t.budget_minutes || 30) * 60 * 1000;
+      t.budget_deadline = new Date(Date.now() + budgetMs).toISOString();
+      return t;
+    });
+    return result;
   }
   /**
    * Mark a task as running (agent started work).
    */
   async markRunning(taskId) {
-    const task = await this.get(taskId);
-    if (!task) return null;
-    task.status = TASK_STATUS.RUNNING;
-    task.started_at = new Date().toISOString();
-    await this.put(task);
-    return task;
+    return this._updateWithCAS(taskId, (task) => {
+      if (TERMINAL_STATES.has(task.status)) return null;
+      task.status = TASK_STATUS.RUNNING;
+      task.started_at = new Date().toISOString();
+      return task;
+    });
   }
   /**
    * Mark a task as completed with result.
    */
   async markCompleted(taskId, result) {
-    const task = await this.get(taskId);
-    if (!task) return null;
-    task.status = TASK_STATUS.COMPLETED;
-    task.completed_at = new Date().toISOString();
-    task.result = result;
-    await this.put(task);
-    return task;
+    return this._updateWithCAS(taskId, (task) => {
+      if (TERMINAL_STATES.has(task.status)) return null;
+      task.status = TASK_STATUS.COMPLETED;
+      task.completed_at = new Date().toISOString();
+      task.result = result;
+      return task;
+    });
   }
   /**
@@ -253,70 +287,68 @@ class TaskStore {
    * Stores the result but doesn't transition to completed.
    */
   async markPendingReview(taskId, result) {
-    const task = await this.get(taskId);
-    if (!task) return null;
-    task.status = TASK_STATUS.PENDING_REVIEW;
-    task.result = result;
-    task.review_requested_at = new Date().toISOString();
-    await this.put(task);
-    return task;
+    return this._updateWithCAS(taskId, (task) => {
+      if (TERMINAL_STATES.has(task.status)) return null;
+      task.status = TASK_STATUS.PENDING_REVIEW;
+      task.result = result;
+      task.review_requested_at = new Date().toISOString();
+      return task;
+    });
   }
   /**
    * Approve a pending_review task → completed.
    */
   async markApproved(taskId) {
-    const task = await this.get(taskId);
-    if (!task) return null;
-    if (task.status !== TASK_STATUS.PENDING_REVIEW) return null;
-    task.status = TASK_STATUS.COMPLETED;
-    task.completed_at = new Date().toISOString();
-    task.reviewed_by = 'human';
-    await this.put(task);
-    return task;
+    return this._updateWithCAS(taskId, (task) => {
+      if (task.status !== TASK_STATUS.PENDING_REVIEW) return null;
+      task.status = TASK_STATUS.COMPLETED;
+      task.completed_at = new Date().toISOString();
+      task.reviewed_by = 'human';
+      return task;
+    });
   }
   /**
    * Reject a pending_review task → re-queue with reason.
    */
   async markRejected(taskId, reason) {
-    const task = await this.get(taskId);
-    if (!task) return null;
-    if (task.status !== TASK_STATUS.PENDING_REVIEW) return null;
-    task.status = TASK_STATUS.QUEUED;
-    task.rejection_reason = reason;
-    task.result = null; // clear previous result
-    task.review_requested_at = null;
-    await this.put(task);
-    return task;
+    return this._updateWithCAS(taskId, (task) => {
+      if (task.status !== TASK_STATUS.PENDING_REVIEW) return null;
+      task.status = TASK_STATUS.QUEUED;
+      task.rejection_reason = reason;
+      task.result = null;
+      task.review_requested_at = null;
+      return task;
+    });
   }
   /**
    * Mark a task as failed with reason.
    */
   async markFailed(taskId, reason, attempts = []) {
-    const task = await this.get(taskId);
-    if (!task) return null;
-    task.status = TASK_STATUS.FAILED;
-    task.completed_at = new Date().toISOString();
-    task.result = { success: false, summary: reason };
-    task.attempts = attempts;
-    await this.put(task);
-    return task;
+    return this._updateWithCAS(taskId, (task) => {
+      if (TERMINAL_STATES.has(task.status)) return null;
+      task.status = TASK_STATUS.FAILED;
+      task.completed_at = new Date().toISOString();
+      task.result = { success: false, summary: reason };
+      task.attempts = attempts;
+      return task;
+    });
   }
   /**
    * Log an attempt on a task (agent tried something, may or may not have worked).
    */
   async logAttempt(taskId, attempt) {
-    const task = await this.get(taskId);
-    if (!task) return null;
-    task.attempts.push({
-      ...attempt,
-      timestamp: new Date().toISOString(),
+    return this._updateWithCAS(taskId, (task) => {
+      if (TERMINAL_STATES.has(task.status)) return null;
+      task.attempts.push({
+        ...attempt,
+        timestamp: new Date().toISOString(),
+      });
+      return task;
     });
-    await this.put(task);
-    return task;
   }
   /**
@@ -324,25 +356,25 @@ class TaskStore {
    * Distinct from failed: failed = "didn't work", released = "we tried everything."
    */
   async markReleased(taskId, reason, attempts = []) {
-    const task = await this.get(taskId);
-    if (!task) return null;
-    task.status = TASK_STATUS.RELEASED;
-    task.completed_at = new Date().toISOString();
-    task.result = { success: false, summary: reason, released: true };
-    if (attempts.length > 0) task.attempts = attempts;
-    await this.put(task);
-    return task;
+    return this._updateWithCAS(taskId, (task) => {
+      if (TERMINAL_STATES.has(task.status)) return null;
+      task.status = TASK_STATUS.RELEASED;
+      task.completed_at = new Date().toISOString();
+      task.result = { success: false, summary: reason, released: true };
+      if (attempts.length > 0) task.attempts = attempts;
+      return task;
+    });
   }
   /**
    * Update last_activity timestamp (agent heartbeat).
    */
   async touchActivity(taskId) {
-    const task = await this.get(taskId);
-    if (!task) return null;
-    task.last_activity = new Date().toISOString();
-    await this.put(task);
-    return task;
+    return this._updateWithCAS(taskId, (task) => {
+      if (TERMINAL_STATES.has(task.status)) return null;
+      task.last_activity = new Date().toISOString();
+      return task;
+    });
   }
   /**
@@ -363,25 +395,25 @@ class TaskStore {
   }
   /**
-   * Find running tasks with no activity for `stallMinutes`.
+   * Find running or claimed tasks with no activity for `stallMinutes`.
    * Stall detection is separate from budget — a task can be within budget
    * but the agent process may have died silently.
+   * Claimed tasks that never transition to running (agent crashed after claim)
+   * are also detected and released back to queued.
    */
   async findStalled(stallMinutes = 5) {
     const running = await this.list({ status: TASK_STATUS.RUNNING });
+    const claimed = await this.list({ status: TASK_STATUS.CLAIMED });
     const cutoff = Date.now() - stallMinutes * 60 * 1000;
-    return running.filter(t => {
-      const lastSignal = t.last_activity || t.started_at;
+    return [...running, ...claimed].filter(t => {
+      const lastSignal = t.last_activity || t.started_at || t.claimed_at;
       return lastSignal && new Date(lastSignal) < cutoff;
     });
   }
   async _checkDeps(depIds) {
-    for (const depId of depIds) {
-      const dep = await this.get(depId);
-      if (!dep || dep.status !== TASK_STATUS.COMPLETED) return false;
-    }
-    return true;
+    const deps = await Promise.all(depIds.map(id => this.get(id)));
+    return deps.every(dep => dep && dep.status === TASK_STATUS.COMPLETED);
   }
 }

package/lib/nats-resolve.js CHANGED Viewed

@@ -37,7 +37,7 @@ function resolveNatsUrl() {
     if (fs.existsSync(envFile)) {
       const content = fs.readFileSync(envFile, 'utf8');
       const match = content.match(/^\s*OPENCLAW_NATS\s*=\s*(.+)/m);
-      if (match && match[1].trim()) return match[1].trim();
+      if (match && match[1].trim()) return match[1].trim().replace(/^["']|["']$/g, '');
     }
   } catch {
     // File unreadable — fall through silently
@@ -49,7 +49,7 @@ function resolveNatsUrl() {
     if (fs.existsSync(meshConfig)) {
       const content = fs.readFileSync(meshConfig, 'utf8');
       const match = content.match(/^\s*OPENCLAW_NATS\s*=\s*(.+)/m);
-      if (match && match[1].trim()) return match[1].trim();
+      if (match && match[1].trim()) return match[1].trim().replace(/^["']|["']$/g, '');
     }
   } catch {
     // File unreadable — fall through silently
@@ -73,7 +73,7 @@ function resolveNatsToken() {
     if (fs.existsSync(envFile)) {
       const content = fs.readFileSync(envFile, 'utf8');
       const match = content.match(/^\s*OPENCLAW_NATS_TOKEN\s*=\s*(.+)/m);
-      if (match && match[1].trim()) return match[1].trim();
+      if (match && match[1].trim()) return match[1].trim().replace(/^["']|["']$/g, '');
     }
   } catch {}
@@ -83,7 +83,7 @@ function resolveNatsToken() {
     if (fs.existsSync(meshConfig)) {
       const content = fs.readFileSync(meshConfig, 'utf8');
       const match = content.match(/^\s*OPENCLAW_NATS_TOKEN\s*=\s*(.+)/m);
-      if (match && match[1].trim()) return match[1].trim();
+      if (match && match[1].trim()) return match[1].trim().replace(/^["']|["']$/g, '');
     }
   } catch {}

package/lib/pre-compression-flush.mjs CHANGED Viewed

@@ -74,6 +74,8 @@ export async function shouldFlush(jsonlPath, opts = {}) {
   const { contextWindowTokens = 200000, flushPct = 0.75 } = opts;
   const threshold = Math.floor(contextWindowTokens * flushPct);
+  if (!fs.existsSync(jsonlPath)) return { shouldFlush: false, estimatedTokens: 0, pctUsed: 0, threshold };
   const stat = fs.statSync(jsonlPath);
   // Quick estimate from file size — ~4 chars/token, but JSONL has overhead (~2x)
   const quickEstimate = Math.ceil(stat.size / (CHARS_PER_TOKEN * 2));

package/lib/session-store.mjs CHANGED Viewed

@@ -398,10 +398,13 @@ export class SessionStore {
    * - Escapes quotes
    */
   #buildFtsQuery(query) {
-    const cleaned = query.replace(/"/g, '""').trim();
-    if (!cleaned) return null;
+    if (!query || !query.trim()) return null;
+    // Escape double quotes, then strip FTS5 operators to prevent query injection
+    const escaped = query.replace(/"/g, '""').trim();
+    const safe = escaped.replace(/[*(){}^]/g, '');
+    if (!safe) return null;
-    const words = cleaned.split(/\s+/).filter(w => w.length > 0);
+    const words = safe.split(/\s+/).filter(w => w.length > 0);
     if (words.length === 0) return null;
     if (words.length === 1) {